Summary


The  Synthesizer  Generator  is  a  system  for  generating  language-based  editors  and 
interfaces  from  formal  grammatical  specifications.  This  project  aimed  to  evaluate  the 
utility  of  the  Synthesizer  Generator  for  building  professional-quality  user  interfaces  for 
formal-methods  tools.  As  a  test  case,  we  used  the  Synthesizer  Generator  to  prototype  a 
new user interface for Cornell University’s NuPRL theorem-proving system, and
delivered  it  to  Cornell. 

The  project  had  two  primary  co-objectives:  (1)  the  development  and  delivery  of  a  tool 
useful  for  NuPRL,  and  (2)  prototyping  generic  facilities  reusable  for  other  applications. 
The  prototype  NuPRL  editor  addressed  term  editing  and  proof  editing.  We  successfully 
demonstrated  that  the  Synthesizer  Generator  could  replicate  the  essential  behavior  of  the 
handcrafted  NuPRL  user-interface.  The  distributed  system  structure  prototyped  in  this 
project,  in  which  the  editor  ran  as  a  separate  process  and  interacted  with  NuPRL  by 
message  passing,  substantially  influenced  the  architecture  subsequently  adopted  by 
NuPRL. 

The  project  began  on  1  July  1996  and  ran  through  30  June  97.  It  followed  completion  of 
an  ONR  SBIR  Phase  I  project  entitled  “User  Interfaces  for  Rule-Based  Formal  Methods 
Environments”,  and  contributed  to  the  subsequent  ONR  SBIR  Phase  II  project  of  the 
same name. The results of that SBIR project have since been commercialized as
Ada-ASSURED for Windows and CodeSurfer®.

Results 

Historically, most formal-methods systems have had minimal “glass teletype” command-line
interfaces. Not surprisingly, formal-methods specialists have focused on their logics
while  providing  the  simplest,  least-cost  interface  possible.  Many  environments  have 
continued  to  ignore  GUI  interfaces  and  remain  based  on  Emacs.  For  example,  PVS  uses 
standard  Emacs  (with  a  few  minor  embellishments)  for  text  editing  theory  files  and  a 
shell  window  for  interacting  with  the  prover’s  command-line  interface  [1,2]. 

The  transcript  produced  by  command-line  interactions  is  just  a  linear  sequence  of 
inanimate  “dead”  characters;  in  contrast,  active  documents  consist  of  “animate” 
interacting  textual  and  graphical  elements.  Interaction  via  direct  manipulation  of  active 
documents,  one  of  the  great  interface  revolutions  of  the  80’s,  has  not  been  exploited  by 
most  formal  methods  systems.  They  have  largely  retained  a  temporal  perspective  (i.e., 
command  sequence)  and  have  not  adopted  the  often  more  effective  spatial  perspective 
(i.e.,  active  document).  This  has  been  true  both  at  coarse  granularity,  e.g.,  theory 
browsing,  and  at  fine  granularity,  e.g.,  term  editing. 

Fine-grained active documents. Effective editing of fine-grained active documents, e.g.,
language-sensitive term editing, is not easily provided by standard GUI elements.
Rather, it must be laboriously programmed. The Synthesizer Generator, GrammaTech's
commercial technology for generating language-sensitive editors and user-interfaces, is
renowned for its editing support of fine-grained active documents.


Result  1.  We  continued  development  of  a  prototype  NuPRL  term  editor 
implemented  using  the  Synthesizer  Generator,  taking  advantage  of  recent 
improvements  in  the  Synthesizer  Generator  such  as  Motif  GUI  elements  and  a 
Scheme-based  editor  scripting  language. 

Proofs  as  documents.  Most  formal-methods  systems  do  not  view  a  proof  as  a 
hierarchical,  editable,  browsable  document.  They  have  adopted,  instead,  some  form  of 
goal-stack  model  in  which  the  only  persistent  record  of  a  proof  is,  at  best,  a  linear  proof 
script  —  a  sequential  record  of  the  steps  taken  to  make  the  proof  [3,4].  The  process  of 
trial-and-error  proof  is  viewed  as  linear  “time  travel”  forward  and  backward  through  the 
space  of  partial  proof  states  rather  than  random  access  cut-and-paste  in  a  partial  proof 
document.  In  contrast  to  most  formal-methods  systems,  NuPRL  [5]  has  embraced  the 
proof-as-document  concept  for  years. 

Result  2.  We  prototyped  a  proof-as-document-style  proof  editor  for  NuPRL. 

Although  options  to  prototype  library  browsers  and  efficient  storage  mechanisms  for 
replicated  fine-grained  objects  were  not  funded,  some  aspects  of  the  intended  work  were 
eventually  addressed  under  our  subsequent  SBIR  Phase  II  project,  and  have  now  been 
commercialized  in  CodeSurfer®. 